[Summit] TLS s2s interconnect hackfest
dave at cridland.net
Wed Jan 27 08:46:32 CST 2010
On Wed Jan 27 14:23:33 2010, Peter Saint-Andre wrote:
> On 1/27/10 6:25 AM, Dave Cridland wrote:
> > On Wed Jan 27 13:03:50 2010, Peter Saint-Andre wrote:
> >> On 1/27/10 6:00 AM, Dave Cridland wrote:
> >> > On Wed Jan 27 12:44:05 2010, Diana Cionoiu wrote:
> >> >> Hello,
> >> >>
> >> >> Is there ANYONE interested to test TLS s2s during the Friday
> >> >
> >> > We can certainly do that.
> >> +1. This is a major gap in testing and deployment, perhaps
> >> because it's not visible to users.
> > Right, that's true. It's also very easy to get wrong in various
> > ways. (My favourite remains the case where you decide that the
> > you're connecting to doesn't have a valid certificate, and
> > instead of using the EXTERNAL you're offered, you insist on doing
> > dialback to authenticate yourself.)
> That is rather strange from the PKI perspective, but it's always
> like a good fallback from the XMPP perspective. Or is it? :)
It isn't sane at all.
The initiator ends up trusting the receiver without any
authentication outside of a trust in DNS, which it had anyway - it's
refusing to use the credentials that the receiver is happy to trust,
however, for no apparent reason.
Falling back to dialback when your X.509 credentials aren't accepted
is of course a sane fallback for XMPP. Falling back when they *are*
accepted is weird.
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at dave.cridland.net
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
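The misbehaviour Dave describes (the receiver offers SASL EXTERNAL after TLS, meaning it is prepared to accept the initiator's certificate, yet the initiator sends dialback instead) is the kind of thing a hackfest session would want to spot in a captured s2s stream. The following checker is an added example written for this thread, not code from any XMPP server or from the list; it walks a constructed post-STARTTLS trace, records what the receiving side advertised in stream:features and which authentication method the initiating side actually used, and flags the "fell back to dialback although EXTERNAL was offered" case. The namespaces are the standard ones from RFC 6120 and XEP-0220; the trace format, the function names and the verdict strings are this example's own assumptions.

```python
import xml.etree.ElementTree as ET

# Standard XMPP namespaces (RFC 6120, XEP-0220).
NS_STREAM = "http://etherx.jabber.org/streams"
NS_SASL = "urn:ietf:params:xml:ns:xmpp-sasl"
NS_DB_FEATURE = "urn:xmpp:features:dialback"
NS_DB = "jabber:server:dialback"

# Constructed traces of the part of an s2s session that follows STARTTLS.
# Each entry is (direction, xml): "R" = receiver -> initiator, "I" = initiator -> receiver.
FEATURES_WITH_EXTERNAL = (
    '<stream:features xmlns:stream="%s">'
    '<mechanisms xmlns="%s"><mechanism>EXTERNAL</mechanism></mechanisms>'
    '<dialback xmlns="%s"/>'
    '</stream:features>' % (NS_STREAM, NS_SASL, NS_DB_FEATURE)
)
FEATURES_DIALBACK_ONLY = (
    '<stream:features xmlns:stream="%s"><dialback xmlns="%s"/></stream:features>'
    % (NS_STREAM, NS_DB_FEATURE)
)
AUTH_EXTERNAL = '<auth xmlns="%s" mechanism="EXTERNAL">=</auth>' % NS_SASL
DB_RESULT = (
    '<db:result xmlns:db="%s" from="a.example" to="b.example">'
    'DIALBACK-KEY-PLACEHOLDER</db:result>' % NS_DB
)

TRACE_BUGGY_FALLBACK = [("R", FEATURES_WITH_EXTERNAL), ("I", DB_RESULT)]
TRACE_EXTERNAL_USED = [("R", FEATURES_WITH_EXTERNAL), ("I", AUTH_EXTERNAL)]
TRACE_SANE_FALLBACK = [("R", FEATURES_DIALBACK_ONLY), ("I", DB_RESULT)]


def analyze_trace(trace):
    """Return what the receiver offered, what the initiator did, and a verdict."""
    offered_external = False
    offered_dialback = False
    initiator_auth = None  # "EXTERNAL", "dialback", or None

    for direction, xml in trace:
        el = ET.fromstring(xml)
        if direction == "R" and el.tag == "{%s}features" % NS_STREAM:
            mechs = el.find("{%s}mechanisms" % NS_SASL)
            if mechs is not None:
                names = {m.text.strip() for m in mechs.findall("{%s}mechanism" % NS_SASL) if m.text}
                offered_external = "EXTERNAL" in names
            offered_dialback = el.find("{%s}dialback" % NS_DB_FEATURE) is not None
        elif direction == "I":
            if el.tag == "{%s}auth" % NS_SASL and el.get("mechanism") == "EXTERNAL":
                initiator_auth = "EXTERNAL"
            elif el.tag == "{%s}result" % NS_DB:
                initiator_auth = "dialback"

    # EXTERNAL being offered means the receiver already trusts the initiator's
    # certificate; choosing dialback at that point discards an accepted credential.
    if offered_external and initiator_auth == "dialback":
        verdict = "fallback-despite-external"
    elif offered_external and initiator_auth == "EXTERNAL":
        verdict = "ok-external"
    elif not offered_external and offered_dialback and initiator_auth == "dialback":
        verdict = "ok-dialback-fallback"
    elif initiator_auth is None:
        verdict = "unauthenticated"
    else:
        verdict = "unexpected"

    return {
        "offered_external": offered_external,
        "offered_dialback": offered_dialback,
        "initiator_auth": initiator_auth,
        "verdict": verdict,
    }


if __name__ == "__main__":
    for name, trace in [("buggy", TRACE_BUGGY_FALLBACK),
                        ("external", TRACE_EXTERNAL_USED),
                        ("sane-fallback", TRACE_SANE_FALLBACK)]:
        print(name, analyze_trace(trace))
```

Feeding it a real capture only requires splitting the stream into the individual feature and auth elements; the point of the verdict split is that "dialback after EXTERNAL was refused" is normal XMPP behaviour and should not be flagged, whereas "dialback while EXTERNAL was on the table" is the bug worth chasing at the hackfest.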